Solution Paper

www.efficientip.com

5G mobile networking is able to deliver many improvements over previous versions of celular technologies. The deployment of networks will be phased over several years and features will appear along the road at the rhythm of normalisation by 3GPP (3rd Gene-ration Partnership Project).

As initial benefits for the mobile user, 5G networks can provide a greater density of de-vices on the radio network, higher bandwidth and lower latency transit that enables new usages like industrial control, inter autonomous vehicle event sharing (V2V), augmented reality or mobile online gaming. This all requires powerful infrastructure close to the mobile device and quick decisions on IP network basics, including DNS.

5G private networks can be used for large campuses (e.g. airports, universities, factories) as an alternative to existing wireless data solutions1. In addition, telcos are able to build dedicated slices for large mobile customers or corporations acting as an access provider, whereas today device connectivity is mainly the responsibility of the I&O teams. Enter-prise slices can be seen as an extension of the private network and require smooth inte-gration of IP services like address plan management and naming resolution. DHCP and DNS services are part of the fundamental IP services required to extend the private cor-porate network over telcos waves.

3GPP releases 15, 16 and 17 bring innovation and material for new services for telcos. Mobile users and enterprises will take advantage of these new services for their own business and usages. With a slow normalization process of the entire 5G standards and slow deployment of both radio network and disruptive services, enterprises can plan their new usages and imagine new use cases. Telcos on the other hand should already prepare their infrastructure for this new hyped technology. Radio network, coverage and backbone networks are a big obvious part of this work. Edge computing and service vir-tualization are other important transformations as the deployment model is moving to-wards software for most functions (known as NFV for Network Virtual Functions). Some functions will be hosted in central parts of the network but most functions related to IP services may benefit from being hosted at the edge of the networks, close to the end devices in order to limit delay and backhauling the network traffic to central points. This is where EfficientIP SOLIDserver solution brings great value to 5G services.

1 Private networking is part of the 3GPP release 15 deployed in 2020

Key Benefits• Enhanced performance with

the fastest available DNS and DHCP servers

• Improved user experience with scalability and intelligent user to application routing

• Heightened security with filtering capabilities and client behavioral deep analysis

• Simplified deployment with the SmartArchitectures easing NFV management

• Strengthened resiliency with rich topology capabilities, clustering and inherent resiliency

• Strong support of telecommunication standards for robust service architecture

DDI for 5G InfrastructuresHow SOLIDserver™ Enhances Network Performance, UX and Security

Operator IT Challenges for 5G Networks

In addition to financial impacts for operators linked to massive deployment costs, on the IT side the main challenges faced will include:

• Deploying network architecture to handle bandwidth for end user devices and increased number and variety of radio base stations (TDD, FDD and NB-LTE), in order to fulfil the three main contradictory usages:

1. eMBB (enhanced mobile broadband at 10Gbps)

2. uRLLC (ultra-reliable and low latency communications at 1ms delay)

3. mMTC (massive machine type communications at 1 million devices per km²)

• Limiting overall round trip delay between device and content from any consumed application for new usages; this requires bringing computing resources near the device in the network for caching content, aggregating and preprocessing data, and optimizing network paths and IP routes

• Scaling capacities up and down in order to optimize running costs and energy consumption

DDI (DNS-DHCP-IPAM) Requirements for 5G Networks

5G deployments face multiple challenges, due mainly to the fact that they significantly change the way telcos normally build and operate their networks. Software is at the heart of the 5G revolution, and IP is the standard protocol between apps, making the DDI solution a funda-mental base as an IP service enhancer.

Low latency is pushing the limits on multiple systems so DNS resolu-tion times have come very much to the foreground. And whereas hard-ware was previously common, fast deployment and auto-scaling archi-tecture with NFV have become mandatory.

Lastly, in order to minimize DNS lookup times and increase cache-hit ratio for local users, it is essential to place DDI components for ena-bling IP services at the edge of the new networks and thus closer to end-users, while taking advantage of automation and scalability. That is exactly how EfficientIP’s SOLIDserver DDI is architectured.

Value Brought By SOLIDserver DDI

EfficientIP SOLIDserver DDI solution helps telcos with enabling their new 5G services, using a platform which regroups an extended set of services. These range from traditional IPAM, DNS and DHCP to ad-vanced security, application traffic management and a rich set of API and events to be included easily in any ecosystem of NFV and legacy applications.

Solution Paper | DDI for 5G Infrastructures

SOLIDserver DDI Highlights• Ultra low delay DNS cache

access

• Enhanced security with DNS behavior analysis

• High DNS response rate (Queries Per Second)

• Fast and simplified deployment capabilities

• Central monitoring and analytics

• High performance DHCP

• Full DDI automation & large ecosystem

• Rich repository with single pane of glass management

The following section describes key values SOLIDserver DDI brings to operators.

Enhanced Performance

With the fastest DNS on the market - the DNS Blast solution - any topology situation among current and future 5G designs requesting high DNS throughput, cache performance or ultra low latency can be achieved with either virtual or physical appliances. With up to 17 millions queries answered per second by the DNS, telcos can guarantee that mobile devices will get timely access for their content and IoT to their computation and decision resources taking full advantage of low latency slices.

By using Guardian DNS solution, the horizontal scaling for DNS NFV enables quick response to scaling needs. Ultra low latency DNS answering at an average of 28 µs combined with pre-warmed cache through sharing capabilities al-lows telco edge infrastructure to use minimal resources without fear of scaling down when they are not being used.

For slices with DHCP IP addressing enabled, high performance rates up to 6.000 leases per second on a single ap-pliance can cope with mobility bursts and high speed devices roaming required by autonomous vehicles (V2V and V2I) enabled slices.

Improved User Experience

Fast DNS answers provide significant improvement on the experience of any mobile user. This is even more impor-tant with lower transit delay on the radio network, which is one of the main advantages of the 5G radio network.

The experience is not only linked to DNS performances, it can also be optimized by choosing the most appropriate destination for an application requested, site or service. Using Edge DNS GSLB (Global Server Load Balancing) in the DNS NFV installed near to mobile devices can help reduce latency. Incorporating intelligent application traffic routing, it continuously analyzes the network and application performances hosted on multiple sites and servers in order to make the best decision.

SERV

ICE

&

ORC

HES

TRA

TIO

NSO

FTW

ARE

NET

WO

RKFU

NCT

ION

S

LOG

ICA

LLA

YER

PHYS

ICA

LLA

YER

PNFSDN

VNF MANAGERS / ORCHESTRATORS / REPOSITORY

VNF

RadioN E T W O R K

TransportN E T W O R K

CoreN E T W O R K I N T E R N E T

EDGECOMPUTING

METROCOMPUTING

CORECOMPUTING

CLOUDCOMPUTING

IoT

Recursive DNSEdge DNS GSLBDHCP

Recursive DNSDHCP

Regional SOLIDserver ManagerAPI Endpoint

S O L U T I O N S

Global SOLIDserver ManagerAPI Endpoint

Authoritative Private DNS Authoritative Public DNS

SOLIDserver DDI in 5G Architectures

Solution Paper | DDI for 5G Infrastructures

Similar to a CDN service optimizing the content delivered to the web browser, any 5G enterprise private slice would benefit from GSLB routing optimization at the edge of the network. By simply defining the key application load-ba-lancing distribution strategy, administrators can influence the destination that each mobile device will reach based on its location on the radio network. This is even more interesting for low end devices like IoT that may not be able to handle complex application access strategies in their software, but certainly use the DNS service for resolution and to locate the application server they want to connect to over the IP network.

Heightened Security

DNS service is key to any IP and internet communication. It handles any intent of connection from a user to an appli-cation server by resolving the name to a technical IP address. This gives the DNS an excellent viewpoint for applying a first layer of security, allowing abnormal access requests to be filtered out. Thanks to DNS security natively provi-ded by the patented DNS Guardian solution, EfficientIP can help 5G providers to enhance their access security on dedicated slices for enterprises or IoT / V2V.

Operators also have the potential to gain competitive advantage for VIP clients, via creation of premium offers with a first barrier based on threat intelligence combined with behavioral client analysis. This is made possible thanks to the quick response time of the Guardian on unknown attack sources and malware traffic. By extension the ad-vanced filtering function available at the DNS level, in the DNS Firewall solution, allows specific business filtering like parental control or anti-malware filtering near the user’s device.

In order to offer end user protection, SOLIDserver DNS servers are able to secure integrity of any answer using the DNSSEC solution. This can be critical for IoT (to avoid DDoS attacks), for connected vehicles (to avoid hijacking), and for healthcare devices (to avoid confidential data breaches). SOLIDserver DNS servers can also allow ciphering of the data traffic between the connected device and its first resolver through DNS over TLS or DNS over HTTPS.

Simplified Deployment and Administration

5G architecture brings new paradigms directly linked to new software patterns. Most services on a 5G network are provided in software modules equivalent to service architecture having long been used in standard applica-tions. That requires any function deployed in the network to be simple to deploy and administer. This is exactly the purpose of the SmartArchitecture functionality implemented in EfficientIP SOLIDserver; a way to easily configure a group of services as a single entity. Deploying a new DNS network function doesn’t require specific configuration of the DNS service itself. It directly inherits the properties of the SmartArchitecture in which it is placed. This allows quick replacement of failing equipment, horizontal scalability (scale-in and scale-out), and daily traffic patterns to support the standard traffic or in preparation of a specific mass event.

DNSAuthoritative

DNSClients

DNS Guardian analyses DNS transactions end-to-end

Solution Paper | DDI for 5G Infrastructures

The central administration of all the SmartArchitectures is key to 5G DNS NFV administration as it practically elimi-nates the time spent on basic configuration processes, helping move towards a zero touch deployment strategy.

Strengthened Resiliency

Service continuity is vital for 5G networks. It can be handled by horizontal scalability and NFV patterns, but also by robust and proven solutions like clustering. All components of the EfficientIP SOLIDserver are designed to be redun-dant. When the protocol is not directly taking care of the traffic spread and redundancy, clustering solutions are added with active/active or active/passive architectures.

Continuity is also dependent on minimizing the Recovery Time Objective (RTO) for critical services, which is one of the key benefits of the SmartArchitecture approach. SmartArchitecture brings simplified resilience and disaster recovery management, with automated configurations and standardized topology templates. It allows configura-tion at a meta level directly applicable to fresh installations. The configuration is automatically applied with all the parameters in order to have the service up and running with minimum manipulation, and is therefore error-free.

Resiliency is important at the service level, especially for critical ones like DHCP and DNS, so it is important to ma-nage any failure scenario that may appear. DNS Guardian provides a unique continuity feature able to continue ser-ving records even in case of failure of the upstream DNS infrastructure, whether it’s private or public. DNS should never fail to provide clients with a good resolution service whenever the underlying network is still functioning. For DHCP, service resiliency is directly related to always-on clustering function allowing active/active architecture for demanding slices.

For complex application traffic management, SOLIDserver DNS incorporates a very advanced and disruptive GSLB (Global Server Load Balancing) solution that helps optimize latency and enable flexible DRP scenarios.

Open API for Rich Integration

In any modern ecosystem APIs are the enabler for easy interconnection and loose coupling through event handling. SOLIDserver is built around API as a service based system and any action performed by automation or the GUI can be also performed through API. This allows easy integration of all the DDI, security and application traffic manage-ment to be administered centrally or through a VNF manager. It also allows the IPAM to act as the central repository for the whole 5G infrastructure with dynamic updates reflecting the exact configuration of services and networks in place in the SDN.

EDGECOMPUTING

METROCOMPUTING

CORECOMPUTING

S C A L A B I L I T YSmart Architecturetm

Using SmartArchitecture templates to simplify and accelerate deployments

Solution Paper | DDI for 5G Infrastructures

Support of Standards

By implementing all the adopted standards on IP service protocols like DNS and DHCP, SOLIDserver is a robust cornerstone for 5G service deployment. One of the key evolutions in 5G internal requirements relates to finding resources using DNS. It enables complex network topologies and scale-out principles for all the internal compo-nents of the network. This support is enabled by a strict implementation of required features using S-NAPTR, SRV and A/AAAA DNS records as stated in the 3GPP normalization (cf TS 29.303), and also in the Internet standard like IETF RFC3958 (Domain-Based Application Service Location Using SRV RRs and the Dynamic Delegation Discovery Service (DDDS).

In addition to standard compliance directly related to 5G, telcos are planning their next 10 to 15 years networking solutions, and in that context IPv6 is mandatory. Standard IPv4 has proven to be complex to maintain in mobile networks, implying use of CGNAT in order to connect ever more devices behind the same address. To move to IPv6 at large scale, the SOLIDserver solution has been proposing for a long time proven technologies like NAT64 and DNS64, which have been successfully deployed in many telco mobile networks worldwide.

Conclusion

5G telecommunication providers are changing the way data is exchanged and people are talking, sharing, playing, working and living together. Service providers are facing constant challenges to set up their infrastructure and evolve it to cater for new usages. More capacity, more devices, more bandwidth, and more powerful networks are required for all the use cases that can now be enabled by 5G technologies.

At the heart of the engine we find all the components of modern IP networks and anything able to bring application content and service back to any user device. DDI is a cornerstone of any IP network, from a small home to a very large enterprise and obviously the whole Internet. By offering a coherent and integrated solution, EfficientIP SOLID-server enables 5G networks by bringing network automation, standard support, industry-leading performances, high computing capacities and innovations.

REV: C-200319

Solution Paper | DDI for 5G Infrastructures

As one of the world’s fastest growing DDI vendors, EfficientIP helps organizations drive business efficiency through agile, secure and reliable network infrastructures. Our unified management framework for DNS-DHCP-IPAM (DDI) and network configurations ensures end-to-end visibility, consistency control and advanced automation. Additionally, our unique 360° DNS security solution protects data confidentiality and application access from anywhere at any time. Companies rely on us to help control the risks and reduce the complexity of challenges they face with modern key IT initiatives such as cloud applications, virtualization, and mobility. Institutions across a variety of industries and government sectors worldwide rely on our offerings to assure business continuity, reduce operating costs and increase the management efficiency of their network and security teams.Copyright © 2020 EfficientIP, SAS. All rights reserved. EfficientIP and SOLIDserver logo are trademarks or registered trademarks of EfficientIP SAS. All registered trademarks are property of their respective owners. EfficientIP assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document.

AmericasEfficientIP Inc.1 South Church StreetWest Chester, PA 19382-USA+1 888-228-4655

EuropeEfficientIP SAS90 Boulevard National92250 La Garenne Colombes-FRANCE+33 1 75 84 88 98

AsiaEfficientIP PTE Ltd33 Ubi Avenue 308-25 Vertex Building, Singapore 408868+65 6678 7752